Vol 2 Part 1: IP Access Control Lists

Question 1

What layer does error recover and flow control happen at?

Answer 1

Layer 4

Question 2

Between UDP and TCP, which provides error recover?

Answer 2

TCP

Question 3

TCP is defined in RFC# what?

Answer 3

RFC 793

Question 4

Multiplexing relies on a concept known as a BLANK

Answer 4

Socket

Question 5

What are the 3 things inside of a socket?

Answer 5

IP Address, Transport Protocol, and Port Number

Question 6

What is multiplexing?

Answer 6

Streaming multiple pieces of data within a single stream.

Question 7

What do the port numbers determine when multiplexing?

Answer 7

Port numbers are used to determine the data and its destined application

Question 8

What range of ports are the well known ports that are assigned by the Internet Assigned Numbers Authority (IANA)?

Answer 8

0-1023

Question 9

What range of ports are considered user registered ports?

Answer 9

1024-49151

Question 10

What are the two types of general protocols used with connections?

Answer 10

Connection-oriented (TCP) and connectionless (UDP)

Question 11

Connection-oriented protocols require an exchange of messages before or after data transfer begins?

Answer 11

Before. A pre established correlation is made between two endpoints. This is TCP.

Question 12

True or Fales: Connectionless protocols do NOT require an exchange of messages or correlation?

Answer 12

TRUE

Question 13

What fields within the TCP header are used to ensure reliability of data transfer?

Answer 13

SEQ and ACK

Question 14

Windowing allows the receiving end to let the sending end know what?

Answer 14

How much data it can receive at the current moment

Question 15

The receiving device will send a BLANK message to the sender to indicate either an increase or a decrease in its availability to receive data.

Answer 15

Window message

Question 16

What is the uniform resource identifier (URI)?

Answer 16

The web address typed or clicked ot access a page

Question 17

What are the three key components of a URI?

Answer 17

Protocol, Server Name, and Web Page

Question 18

Web pages typically have multiple files called BLANK

Answer 18

objects

Question 19

What are the two basic types of Access Control Lists (ACLs)?

Answer 19

Standard and Extended

Question 20

Standard and Extended ACLs have two main sub types; what are they?

Answer 20

Numbered and Named

Question 21

What is the difference between a standard and an extended ACL?

Answer 21

A standard ACL just uses a matching Source IP

An extended ACL using a matching source AND destination IP, as well as a source and destination port.

Question 22

Where do ACLs reside?

Answer 22

On the router

Question 23

What command is used to create an ACL?

Answer 23

ip access-list standard or extended name of ACL

Question 24

When creating a rule to permit/deny a range of IP addresses, what is typed in after the IP address to signify the range of IPs?

Answer 24

A wildcard

Question 25

Explain how a wild card works with regards to the permitted/denied range of IPs?

Answer 25

An octet in the wild card containing a number other than 0 corresponds to the octet in the IP address. This octet will be ignored when the ACL is choosing to permit or deny an IP address. For example. the command "access-list 1 permit 10.1.1.1" will permit that IP address only. However, the command "access-list 1 permit 10.1.1.0 0.0.0.255" will permit any IP address in the range 10.1.1.0-10.1.1.255

Question 26

A standard access list has what for a default initial range?

Answer 26

1-99

Question 27

A standard ACL should always be placed where in relation to the source and destination?

Answer 27

As close to the destination as possible

Question 28

An extended ACL should always be placed where in relation to the source and destination?

Answer 28

As close to the source as possible

Question 29

In general, where should your more specific rules in your ACL be placed within the ACL and why?

Answer 29

Towards the beginning. This is because the ACL will check the rules in order from first to last. If you want to deny a specific IP address, but it is within a range of permitted IP addresses, the IP address will be permitted if the router hits the permit rule for that range before it hits the deny rule for that specific IP.